CVE-2023-35871

🗓️ 11 Jul 2023 02:41:03Reported by sapType

The SAP Web Dispatcher has a vulnerability in versions 7.53, 7.54, 7.77, 7.85, 7.89, 7.91, 7.92, 7.93, and various other components leading to memory corruption and potential information disclosure or system crashes

Reporter	Title	Published	Views	Family All 11
CNNVD	SAP Web Dispatcher 缓冲区错误漏洞	11 Jul 202300:00	–	cnnvd
CNVD	SAP Web Dispatcher Buffer Overflow Vulnerability	14 Jul 202300:00	–	cnvd
Cvelist	CVE-2023-35871 Memory Corruption vulnerability in SAP Web Dispatcher	11 Jul 202302:41	–	cvelist
EUVD	EUVD-2023-39864	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in SAP products	11 Jul 202300:00	–	ncsc
NVD	CVE-2023-35871	11 Jul 202303:15	–	nvd
OSV	CVE-2023-35871	11 Jul 202303:15	–	osv
Prion	Memory corruption	11 Jul 202303:15	–	prion
Positive Technologies	PT-2023-4048 · Sap · Sap Extended App Services +5	11 Jul 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-35871	23 May 202504:37	–	redhatcve

NVD

Vulners

Node

sap web_dispatcherMatch7.53

sap web_dispatcherMatch7.54

sap web_dispatcherMatch7.77

sap web_dispatcherMatch7.85

sap web_dispatcherMatch7.89

sap web_dispatcherMatch7.91

sap web_dispatcherMatch7.92

sap web_dispatcherMatch7.93

sap web_dispatcherMatchhdb_2.00

sap web_dispatcherMatchkernel_7.53

sap web_dispatcherMatchkernel_7.54

sap web_dispatcherMatchkernel_7.77

sap web_dispatcherMatchkernel_7.85

sap web_dispatcherMatchkernel_7.89

sap web_dispatcherMatchkernel_7.91

sap web_dispatcherMatchkernel_7.92

sap web_dispatcherMatchkernel_7.93

sap web_dispatcherMatchkrnl64uc_7.53

sap web_dispatcherMatchsap_extended_app_services_1

sap web_dispatcherMatchxs_advanced_runtime_1.00

[
  {
    "defaultStatus": "unaffected",
    "product": "SAP Web Dispatcher",
    "vendor": "SAP_SE",
    "versions": [
      {
        "status": "affected",
        "version": "WEBDISP 7.53"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.54"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.77"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.85"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.89"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.91"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.92"
      },
      {
        "status": "affected",
        "version": "WEBDISP 7.93"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.53"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.54 KERNEL 7.77"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.85"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.89"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.91"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.92"
      },
      {
        "status": "affected",
        "version": "KERNEL 7.93"
      },
      {
        "status": "affected",
        "version": "KRNL64UC 7.53"
      },
      {
        "status": "affected",
        "version": "HDB 2.00"
      },
      {
        "status": "affected",
        "version": "XS_ADVANCED_RUNTIME 1.00"
      },
      {
        "status": "affected",
        "version": "SAP_EXTENDED_APP_SERVICES 1"
      }
    ]
  }
]

Source	Link
me	www.me.sap.com/notes/3340735
sap	www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

21 Nov 2024 08:08Current

8High risk

Vulners AI Score8

CVSS 3.17.7 - 9.4

EPSS0.0067

SSVC

CWE-787